Jan 30, 2011

When we set up virtual machines with libvirt/KVM in production environments, the operating system that hosts the virtual machines typically has no graphical user interface such as GNOME or KDE on which to run the Virtual Machine Manager to create or manage them.

For this reason, it is necessary to connect to it remotely through Virtual Machine Manager in order to set up new virtual machines when a graphical wizard is required.

In this article, we are going to establish a connection over SSH from a Kubuntu 10.10 machine to a KVM hypervisor located on an Ubuntu Server 10.10 host. In this way, the libvirt management connection will be securely tunneled over an SSH connection.

In the following figure, you can see the needed packages which must be installed on each computer. Remember that I already presented a series of articles related to KVM virtualization (I, II, III and IV).

First of all, we must start the libvirtd daemon on the Ubuntu Server. We will also ensure that the daemon starts automatically on subsequent boots.

Then, we must generate a public/private key pair on the computer (kubuntu) where the Virtual Machine Manager (virt-manager package) will be used. In the next step, we have to copy the keys to the machine (ubuntu-server) where libvirtd will be running.

In the previous output, we have copied the keys to the home directory of the javi user, where 'javi' is an ordinary (non-root) user of ubuntu-server with rights to manage libvirt (by default, any user belonging to the libvirtd group can manage libvirt).

And finally, we only have to make a remote connection over SSH from the Virtual Machine Manager to the hypervisor located on the Ubuntu Server.
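The client-side steps above as one script, added here as an example and not taken from the original article. It assumes virsh is installed on kubuntu and uses the article's user and host names as defaults; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: client-side steps on kubuntu. "javi" and "ubuntu-server" are
# the names used in the article; the function names are hypothetical.

# Build the libvirt URI that tunnels the management connection over SSH.
libvirt_uri() { printf 'qemu+ssh://%s@%s/system\n' "$1" "$2"; }

# Succeed if the group list in $1 (as printed by `id -nG`) contains group $2.
has_group() {
  local g
  for g in $1; do
    [ "$g" = "$2" ] && return 0
  done
  return 1
}

setup_client() {
  local user=$1 host=$2 key="$HOME/.ssh/id_rsa" remote_groups
  # Create the key pair only if none exists; the private key stays on kubuntu.
  [ -f "$key" ] || ssh-keygen -t rsa -f "$key"
  # Appends the public key to ~/.ssh/authorized_keys of $user on $host.
  ssh-copy-id -i "$key.pub" "$user@$host"
  # BatchMode makes ssh fail instead of falling back to a password prompt, so
  # a successful run proves key authentication works (a passphrase-protected
  # key must be loaded into ssh-agent first).
  remote_groups=$(ssh -o BatchMode=yes "$user@$host" id -nG) || {
    echo "key-based login to $host failed" >&2; return 1; }
  has_group "$remote_groups" libvirtd || {
    echo "$user is not in the libvirtd group on $host" >&2; return 1; }
  # virt-manager accepts the same URI with its -c option.
  virsh -c "$(libvirt_uri "$user" "$host")" list --all
}

# Nothing touches the network unless the script is called with --run.
if [ "${1:-}" = "--run" ]; then
  setup_client "${2:-javi}" "${3:-ubuntu-server}"
fi
```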

Jan 23, 2011

It is possible that what I am going to explain next can be done in other ways, but I am really sure that it will be very useful for many people. Have you ever wondered how to shrink a virtual disk on VMware, KVM, Xen, etc. that contains a Linux filesystem?

If the virtual disk just contains a filesystem such as ext3, ext4, btrfs, etc., the solution is easy: use any partition tool like GParted, shrink the partition or partitions and copy them to a smaller virtual disk.

But what happens if that virtual disk has a filesystem on top of a Logical Volume (LV)? The solution is not trivial, since partition tools do not support Logical Volume Management (LVM).

Here is my solution. For my tests, I will use a CentOS 5.5 virtual machine under VMware vSphere, with a virtual disk of 64 GB (sda). That virtual disk will have two partitions: sda1 (107 MB) and sda2 (63.88 GB).

My goal will be to decrease the size of the virtual disk from 64 GB to 19 GB.

In order to be able to resize the ext3 filesystem, the LV, the VG (Volume Group), the PV (Physical Volume) and the sda2 partition, you must boot the computer in rescue mode (using, for example, a Live CD).

boot: linux rescue

During the boot process, we will not mount the existing Linux installation; instead, we skip directly to the command shell. Then, we have to activate all known volume groups in the system and check the filesystem to rule out possible errors on it.

sh-3.2# lvm vgchange -a y
sh-3.2# e2fsck -f /dev/VolGroup00/LogVol00

Afterwards, we must first resize the filesystem from 62.88 GB to 16 GB and then the LV.

And finally, we have to resize the sda2 partition. To calculate the end sector, we must first take a look at the partition map in sectors (one sector is 512 bytes), get the starting point of the sda2 partition (208845s), add the size of the PV (35651584s) and also add a safety margin of around 64 MB (131072s).

Jan 17, 2011

Another interesting feature of Proxmox VE is the ability to join all Proxmox VE installations into a single cluster that centralizes and manages all virtual machines. Besides, we will also be able to move the virtual instances between Proxmox VE nodes.

In the following tests we are going to set up a cluster using two Proxmox VE 1.7 servers (proxmox1.local, with IP address 192.168.122.211/24 and proxmox2.local, with IP address 192.168.122.212/24). The two Proxmox VE nodes will be two virtual machines running under KVM.

Cluster configuration is not supported in the web interface, so the only way is to use the bash console (pveca command).

First of all, we have to define the master node (for instance proxmox1.local).

And finally, we also have the option of live migration in order to move virtual machines between physical servers. This is an interesting feature because it lets us place a virtual machine on another Proxmox node with better hardware, or move it away for maintenance tasks.

For example, let us imagine that we have a CentOS 5 virtual machine installed on proxmox1.local, and we want to migrate it to proxmox2.local.

For this purpose, we have to open the VM Manager, Virtual Machines section and select the Migrate tab. Then, we must select the source and target nodes and the VMID to migrate and press the migrate button (the virtual machine to be moved can be turned on).

Jan 11, 2011

Uncomplicated Firewall (ufw) is the default tool included in Ubuntu distributions to secure all incoming, outgoing and internal network traffic, providing appropriate IPv4 and IPv6 rules based on iptables.

Its file and directory structure is shown next (I have used an Ubuntu Server 10.10 for the tests).

With 'status verbose', we can see that the default policy is to deny incoming traffic and to allow outgoing traffic. We can also change these default policies:

root@ubuntu-server:~# ufw default allow|deny|reject incoming|outgoing

Now we are going to look at several examples. For instance, to set up a rule that allows incoming mail traffic (any of the three possibilities is valid; the service names are declared in the /etc/services file).

Jan 4, 2011

In the previous article, I presented Proxmox Virtualization Environment, a professional virtualization platform used to create virtual machines based on KVM and OpenVZ technologies.

Today we are going to learn how you can rapidly create a virtual machine from an OpenVZ template (I cannot use KVM because I have installed Proxmox VE 1.7 on a KVM/libvirt virtual machine and therefore, that virtual CPU does not have Intel VT / AMD-V support. Don't worry because the KVM process is similar to OpenVZ).

First, we have to open the VM Manager, Appliance Templates section and select the Download tab. Here you can see a list of templates grouped into different categories: certified appliances, admin, system and web. We can also get more OpenVZ templates from lots of web sites and manually upload them to the Proxmox VE data area.

In my test, I am going to choose a CentOS 5 (standard) distribution and download it from Proxmox VE.

Afterwards we have to move to the VM Manager, Virtual Machines, Create section and fill in the fields that you can see in the following figure.

Most of the options are also typical in other virtualization products: hostname, memory, disk space, etc., but I am going to stress two. On the one hand, we have the type of virtual machine; I picked Container (OpenVZ) because it is the only allowed option due to the virtual CPU issue that I mentioned before. On the other hand, we must select the kind of network for our virtual machine.

With Proxmox VE you have two options for the network devices: Virtual Network (venet) or Bridged Ethernet (veth). Basically, venet (virtual network device) provides a point-to-point connection between the guest and the host with better performance and more security, but in contrast to veth (Virtual ETHernet), it has no MAC address and no full support for the IPv6 stack. In the next article, you can read more information about this topic: Differences between venet and veth.

And finally, we must press the create button and in a few seconds, we will have our virtual machine fully created and working.

In order to launch it, we must go to the VM Manager, Virtual Machines, List section, click on the virtual machine that we want to turn on, and press the Start button. In this area we will be able to change different components of the virtual machine.

The Open VNC console option is used to pop up a new window with graphical access to the virtual machine.


About the author...

Javier Andrés Alonso holds a Master's Degree in Telecommunication Engineering and a Bachelor's Degree in Telecommunication Technical Engineering (specialising in Telematics), from the Polytechnic School of the University of Alcalá de Henares.